This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Projects/OWASP ESOP Framework

Revision as of 18:49, 18 April 2011 by Paulo Coimbra (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
What does this OWASP project offer you?
What releases are available for this project?
what is this project?
Name: OWASP Enhancing Security Options Framework (ESOP Framework) (home page)
Purpose: Purpose of the framework is to provide a security layer to a given web application / web site via web service which can use the functions / modules to protect the site from following vulnerabilities:
  1. Remote code execution
  2. SQL injection
  3. Format string vulnerabilities
  4. Cross Site Scripting (XSS)
  5. Session hacking
  6. Denial of service (DoS) attacks
  7. Eavesdropping /Sniffing/ Phishing
  8. Identity Spoofing
  9. Man-in-the-Middle Attacks
  10. Username enumeration
    1. Instrumentation & Audits for:
    2. Critical Business Areas
    3. User Management
    4. Un-usual activities
    5. Interfaces Integrations
  11. IIS Tweaks
  12. Password Policy
License: GNU GPL V3.0
who is working on this project?
Project Leader(s):
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
current release
Release Road Map for the ESOP Framework:

1. Wave 1: Documentation and Wireframe of the service framework
2. Wave 2: Class and design diagram framework
3. Wave 3: Development of the framework
    1. Application layer development
    2. Data layer development
4. Wave 4: Integration
5. Wave 5: Alpha Testing
6. Wave 6: Beta Testing
7. Release & Publish
4. Project links (if any) to external sites: N.A.
5. Project License: GNU GPL V3.0

last reviewed release
Not Yet Reviewed

other releases